Glossary of terms

There are a few important concepts in Maltego that need to be understood before using Maltego.

Desktop Client

Maltegos software used on the desktop is referred to as the desktop client. The desktop client comes in variations of community, classic and XL.

Entity

An entity is a piece of information shown as a node on the graph. Different entity types are used to differentiate between the different pieces of information that can be represented in Maltego.

Entities can be anything such as a DNS Name, Person, Phone number, etc. The Maltego client comes with about 20 entities targeted for use in online investigations, but you can also make your own custom ones.

Transform

A transform is a piece of code that searches for information related to an entity on the graph. Transforms allows you to query an API or database to show related info on the graph.

The idea is that we are "transforming" one type of information into another type. For example we could have the website "www.paterva.com" and transform it into the IP address "104.200.18.205".

By default Maltego has transforms that can query information from data sources like DNS servers, search engines, social networks, WHOIS information, etc.

Machine

Machines are the Maltego equivalent of macros. Machines allow you to chain together multiple transforms, filters and actions in order to automate common and tedious tasks.

Hub Item

Transforms and the entity types that they use, need to be stored on a server that can be accessed by the Maltego client.

Hub items allow Maltego users to install combinations of Transforms, Entities and Machines from a server. By default Maltego installs the hub item called "Paterva CTAS" which contains the transforms, entities and machines that are developed and maintained by the developers of Maltego.

Additional hub items can be installed to get 3rd party functionality built by the community.